Problem: WIN32. Kates AV

#1 Post by scigi »

Hello, I need advice with this problem. Whenever I launch any application, Avast keeps reporting this: a file in the profile... TEMP\HMA.tmp and the infection Win32.Kates-AV.

Thanks for the help. I am attaching the log below.

Logfile of random's system information tool 1.07 (written by random/random)
Run by 1 at 2010-06-10 14:07:05
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (60%) free of 20 GB
Total RAM: 1023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:21, on 10.6.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fighters\SPAMfighter\sfus.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\setup_wm.exe
D:\Install\Antispy\RSIT.exe
C:\Program Files\trend micro\1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra 'Tools' menuitem: Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Common Toolkit Service - SPAMfighter - C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O24 - Desktop Component 0: (no name) - http://vthumb.ak.fbcdn.net/vthumb-ak-sf ... 3_1409.jpg
O24 - Desktop Component 1: (no name) - https://www.chance.cz/tikety/99132663158_195006.png

--
End of file - 7986 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-08 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE84A6AA-A333-4B92-B276-C11E2212E4FE}]
CPrintEnhancer Object - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll [2006-12-15 599472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-03-08 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-08 279664]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-23 16050688]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-03-08 39408]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-06-10 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-06-08 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sfagent]
C:\Program Files\Fighters\SPAMfighter\sfagent.exe [2010-04-20 386696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-03-18 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-03-08 39408]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="winmm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Hry\THQ\MotoGP URT 3\motogp.exe"="D:\Hry\THQ\MotoGP URT 3\motogp.exe:*:Enabled:motogp"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-06-10 14:07:05 ----D---- C:\rsit
2010-06-10 14:07:05 ----D---- C:\Program Files\trend micro
2010-06-10 12:18:22 ----A---- C:\WINDOWS\wininit.ini
2010-06-10 11:53:35 ----D---- C:\Documents and Settings\1\Data aplikací\Spyware Terminator
2010-06-10 11:53:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-10 11:53:31 ----D---- C:\Program Files\Spyware Terminator
2010-06-10 11:46:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-06-10 11:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-06-10 11:06:53 ----D---- C:\Program Files\Common Files\Skype
2010-06-10 11:06:51 ----RD---- C:\Program Files\Skype
2010-06-09 21:06:48 ----D---- C:\Program Files\Common Files\AVSMedia
2010-06-09 21:06:47 ----D---- C:\Program Files\AVSMedia
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\msvcp70.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\mfc70.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\mcdvd_32.dll
2010-06-09 21:06:47 ----A---- C:\WINDOWS\system32\divx.dll
2010-06-09 20:56:47 ----D---- C:\Documents and Settings\1\Data aplikací\dvdcss
2010-06-09 20:52:52 ----D---- C:\Documents and Settings\1\Data aplikací\XnView
2010-06-09 20:50:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-06-09 20:50:48 ----D---- C:\Program Files\Alwil Software
2010-06-09 20:50:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-06-09 20:47:12 ----D---- C:\Program Files\CCleaner
2010-06-09 20:43:18 ----D---- C:\Documents and Settings\1\Data aplikací\Ashampoo
2010-06-09 20:43:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-06-09 20:43:11 ----D---- C:\Program Files\Ashampoo Burning Studio 6 FREE
2010-06-09 20:41:44 ----D---- C:\Documents and Settings\1\Data aplikací\vlc
2010-06-09 20:41:06 ----D---- C:\Program Files\VideoLAN
2010-06-09 20:40:34 ----D---- C:\Program Files\XnView
2010-06-09 20:40:21 ----D---- C:\Program Files\totalcmd
2010-06-09 20:39:55 ----D---- C:\Program Files\7-Zip
2010-05-11 22:36:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
2010-05-11 22:36:07 ----D---- C:\Program Files\Fighters
2010-05-11 22:36:07 ----D---- C:\Program Files\Common Files\Common Toolkit Suite
2010-05-11 22:35:52 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{69F69AB0-8485-4B45-A118-148977C1651A}
2010-05-11 22:34:22 ----D---- C:\Documents and Settings\1\Data aplikací\Fighters

======List of files/folders modified in the last 1 months======

2010-06-10 14:07:13 ----D---- C:\WINDOWS\Prefetch
2010-06-10 14:07:05 ----RD---- C:\Program Files
2010-06-10 14:07:00 ----D---- C:\WINDOWS
2010-06-10 14:03:14 ----A---- C:\WINDOWS\win.ini
2010-06-10 14:03:13 ----SHD---- C:\WINDOWS\Installer
2010-06-10 14:03:13 ----HD---- C:\Config.Msi
2010-06-10 14:03:12 ----D---- C:\WINDOWS\Temp
2010-06-10 14:02:33 ----D---- C:\Documents and Settings\1\Data aplikací\Skype
2010-06-10 14:00:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-10 14:00:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-10 12:18:53 ----D---- C:\WINDOWS\system32
2010-06-10 11:53:36 ----D---- C:\WINDOWS\system32\drivers
2010-06-10 11:06:53 ----D---- C:\Program Files\Common Files
2010-06-10 11:06:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-06-10 11:06:13 ----D---- C:\Documents and Settings\1\Data aplikací\skypePM
2010-06-09 21:17:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-09 21:09:01 ----D---- C:\Documents and Settings\1\Data aplikací\ICQ
2010-06-09 21:08:57 ----SH---- C:\boot.ini
2010-06-09 21:08:57 ----A---- C:\WINDOWS\system.ini
2010-06-09 21:06:52 ----RSD---- C:\WINDOWS\Fonts
2010-06-09 21:01:05 ----AC---- C:\WINDOWS\WINCMD.INI
2010-06-09 20:51:00 ----D---- C:\WINDOWS\WinSxS
2010-06-09 20:50:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-06-09 20:47:36 ----D---- C:\WINDOWS\Debug
2010-06-09 19:29:28 ----D---- C:\Program Files\ICQ7.0
2010-05-16 14:53:18 ----RSHDC---- C:\WINDOWS\system32\dllcache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\prodrv04.sys [2007-08-02 114496]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-08-22 35712]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-24 4374016]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 awmy8gmz;awmy8gmz; C:\WINDOWS\system32\drivers\awmy8gmz.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-12-06 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\A [2007-12-26 158553]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-04-10 241664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 Common Toolkit Service;Common Toolkit Service; C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe [2010-04-20 684680]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-18 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-10 488960]
R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe [2010-04-20 189064]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-08 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-08 182768]

-----------------EOF-----------------

#2 Post by Caroprd111 »

Hello :)

  • Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop.
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Check the "All users" option.
  • Check the "LOP" malware check and "Purity" malware check options.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

#3 Post by scigi »

OTL Extras logfile created on: 10.6.2010 14:27:26 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\1\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 605,00 Mb Available Physical Memory | 59,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): D:\pagefile.sys 300 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 11,67 Gb Free Space | 59,75% Space Free | Partition Type: NTFS
Drive D: | 166,77 Gb Total Space | 127,81 Gb Free Space | 76,64% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NDAM-7F4EAB82F2
Current User Name: 1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Hry\THQ\MotoGP URT 3\motogp.exe" = D:\Hry\THQ\MotoGP URT 3\motogp.exe:*:Enabled:motogp -- File not found
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator -- (Crawler.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D0AB230-E7BC-41CB-A50C-F282273E897B}" = SPAMfighter Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4FE2FD0C-242A-11D5-8ED5-0050BF5CB907}" = Sleep Walker
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71D4305B-56E6-4971-A799-FB7678A1D1AB}" = ASUS ATI Driver
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = NFS Underground
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E3030F57-9E6B-4E36-95B6-F7B4DBDEB8FB}" = Aplikace HP Smart Web Printing 1.0
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF35F637-72B9-43BE-A281-06EB2854393A}" = 3DMark03
"7-Zip" = 7-Zip 4.65
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Argon_is1" = Argon
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Rolling Marbles" = Rolling Marbles
"SPAMfighter" = SPAMfighter
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.5
"XnView_is1" = XnView 1.96

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1659004503-1202660629-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Eurotran XP" = Překladač Eurotran XP

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.6.2010 0:52:31 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x000d82b2.

Error - 5.6.2010 7:14:57 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x0007f854.

Error - 5.6.2010 7:15:11 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x000998e3.

Error - 5.6.2010 9:42:15 | Computer Name = NDAM-7F4EAB82F2 | Source = MsiInstaller | ID = 11719
Description = Product: DJ_AIO_ProductContext -- Error 1719. The Windows Installer
Service could not be accessed. This can occur if you are running Windows in safe
mode, or if the Windows Installer is not correctly installed. Contact your support
personnel for assistance.

Error - 5.6.2010 13:55:13 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x0007f463.

Error - 6.6.2010 15:57:24 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 9.0.0.3250, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 7.6.2010 9:33:53 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
mshtml.dll, verze 6.0.2900.2180, adresa chyby 0x0007f463.

Error - 8.6.2010 7:13:16 | Computer Name = NDAM-7F4EAB82F2 | Source = MsiInstaller | ID = 11719
Description = Product: DJ_AIO_ProductContext -- Error 1719. The Windows Installer
Service could not be accessed. This can occur if you are running Windows in safe
mode, or if the Windows Installer is not correctly installed. Contact your support
personnel for assistance.

Error - 8.6.2010 8:25:21 | Computer Name = NDAM-7F4EAB82F2 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 16:46:48 | Computer Name = NDAM-7F4EAB82F2 | Source = MsiInstaller | ID = 11719
Description = Product: DJ_AIO_ProductContext -- Error 1719. The Windows Installer
Service could not be accessed. This can occur if you are running Windows in safe
mode, or if the Windows Installer is not correctly installed. Contact your support
personnel for assistance.

[ System Events ]
Error - 31.5.2010 12:49:05 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.100.11 pro síťovou kartu se síťovou
adresou 0018F31B59EA byla ukončena.

Error - 31.5.2010 12:51:12 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 0018F31B59EA
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 31.5.2010 12:51:12 | Computer Name = NDAM-7F4EAB82F2 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 3.6.2010 12:28:46 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 89.103.228.243 pro síťovou kartu s adresou 0018F31B59EA
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 3.6.2010 12:28:46 | Computer Name = NDAM-7F4EAB82F2 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 3.6.2010 12:28:57 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 0018F31B59EA
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 3.6.2010 12:28:57 | Computer Name = NDAM-7F4EAB82F2 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 3.6.2010 16:30:49 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.100.11 pro síťovou kartu se síťovou
adresou 0018F31B59EA byla ukončena.

Error - 3.6.2010 16:31:11 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 0018F31B59EA
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 10.6.2010 5:06:52 | Computer Name = NDAM-7F4EAB82F2 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 89.103.228.243 pro síťovou kartu s adresou 0018F31B59EA
byla serverem DHCP 192.168.1.100 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).


< End of report >

scigi
Visitor
Posts: 74
Registered: 01 Aug 2007 13:28

Re: Problem WIN32. Kates AV

#4 Post by scigi »

OTL logfile created on: 10.6.2010 14:27:26 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\1\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 605,00 Mb Available Physical Memory | 59,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): D:\pagefile.sys 300 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 11,67 Gb Free Space | 59,75% Space Free | Partition Type: NTFS
Drive D: | 166,77 Gb Total Space | 127,81 Gb Free Space | 76,64% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NDAM-7F4EAB82F2
Current User Name: 1
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.10 14:25:35 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\1\Plocha\OTL.exe
PRC - [2010.06.10 11:53:36 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.06.10 11:53:35 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.20 12:37:17 | 000,684,680 | ---- | M] (SPAMfighter) -- C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe
PRC - [2010.04.20 12:37:02 | 000,189,064 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\SPAMfighter\sfus.exe
PRC - [2010.03.08 16:14:26 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2006.04.10 17:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2004.12.14 04:44:30 | 000,065,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.06.10 14:25:35 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\1\Plocha\OTL.exe
MOD - [2004.08.17 15:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.06.10 11:53:35 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.20 12:37:17 | 000,684,680 | ---- | M] (SPAMfighter) [Auto | Running] -- C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe -- (Common Toolkit Service)
SRV - [2010.04.20 12:37:02 | 000,189,064 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files\Fighters\SPAMfighter\sfus.exe -- (SPAMfighter Update Service)
SRV - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2006.04.10 17:54:14 | 000,241,664 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - [2010.06.10 11:53:35 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2007.08.02 14:37:15 | 000,114,496 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv04.sys -- (prodrv04)
DRV - [2007.07.30 16:11:47 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006.11.07 10:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2006.10.19 03:12:16 | 000,012,664 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.10.19 03:11:12 | 000,010,304 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AsInsHelp32.sys -- (ASInsHelp)
DRV - [2006.08.24 11:37:50 | 004,374,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.08.22 21:36:56 | 000,035,712 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006.07.04 03:21:54 | 000,063,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv614x.sys -- (mv614x)
DRV - [2006.05.15 08:18:00 | 000,012,416 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2006.05.03 06:50:00 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.23 19:39:06 | 000,011,264 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.02.23 19:38:32 | 000,009,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.10.18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.03 22:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004.04.30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.06.10 11:49:36 | 000,404,368 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 13983 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CPrintEnhancer Object) - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll (Hewlett-Packard Co.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra 'Tools' menuitem : Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - http://vthumb.ak.fbcdn.net/vthumb-ak-sf ... 3_1409.jpg
O24 - Desktop Components:1 () - https://www.chance.cz/tikety/99132663158_195006.png
O24 - Desktop Components:2 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\1\Data aplikací\Microsoft\Internet Explorer\Tapeta aplikace Internet Explorer.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\1\Data aplikací\Microsoft\Internet Explorer\Tapeta aplikace Internet Explorer.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.05.15 23:39:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002.05.15 23:38:49 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55464181163360256)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.10 14:25:33 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\1\Plocha\OTL.exe
[2010.06.10 14:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.10 14:07:05 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.10 11:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\Spyware Terminator
[2010.06.10 11:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.10 11:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.06.10 11:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.06.10 11:46:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.06.10 11:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.06.10 11:06:51 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.06.09 21:10:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\1\Dokumenty\Obrázky
[2010.06.09 21:06:48 | 000,082,944 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\vct3216.acm
[2010.06.09 21:06:48 | 000,081,920 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\AC3ACM.acm
[2010.06.09 21:06:48 | 000,038,912 | ---- | C] (NCT Company) -- C:\WINDOWS\System32\alf2cd.acm
[2010.06.09 21:06:48 | 000,013,239 | ---- | C] (SHARP Corporation) -- C:\WINDOWS\System32\Scg726.acm
[2010.06.09 21:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010.06.09 21:06:47 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010.06.09 21:06:47 | 000,638,976 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010.06.09 21:06:47 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2010.06.09 21:06:47 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2010.06.09 21:06:47 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010.06.09 21:06:47 | 000,261,632 | ---- | C] (MainConcept) -- C:\WINDOWS\System32\mcdvd_32.dll
[2010.06.09 21:06:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVSMedia
[2010.06.09 20:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\dvdcss
[2010.06.09 20:52:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\XnView
[2010.06.09 20:51:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Dokumenty\Přijaté soubory
[2010.06.09 20:51:06 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.06.09 20:51:06 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.06.09 20:51:06 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.06.09 20:51:05 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.06.09 20:51:04 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.06.09 20:51:04 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.06.09 20:51:04 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.06.09 20:50:54 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.06.09 20:50:54 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.06.09 20:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.06.09 20:50:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.06.09 20:47:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\1\Recent
[2010.06.09 20:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.06.09 20:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\Ashampoo
[2010.06.09 20:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.06.09 20:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Local Settings\Data aplikací\ashampoo
[2010.06.09 20:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo Burning Studio 6 FREE
[2010.06.09 20:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\vlc
[2010.06.09 20:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.06.09 20:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\XnView
[2010.06.09 20:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\totalcmd
[2010.06.09 20:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010.05.11 22:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2010.05.11 22:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
[2010.05.11 22:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Toolkit Suite
[2010.05.11 22:35:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{69F69AB0-8485-4B45-A118-148977C1651A}
[2010.05.11 22:34:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Data aplikací\Fighters
[2010.05.11 22:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\1\Local Settings\Data aplikací\PackageAware
[2002.05.16 04:53:47 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2002.05.16 04:53:47 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.10 14:25:35 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\1\Plocha\OTL.exe
[2010.06.10 14:25:14 | 000,000,512 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.10 14:01:52 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.10 14:01:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.10 14:01:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.10 14:00:28 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\1\NTUSER.DAT
[2010.06.10 14:00:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\1\ntuser.ini
[2010.06.10 14:00:19 | 004,311,980 | -H-- | M] () -- C:\Documents and Settings\1\Local Settings\Data aplikací\IconCache.db
[2010.06.10 13:34:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.10 12:19:25 | 000,006,019 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.06.10 12:00:49 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.10 11:53:35 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.10 11:49:36 | 000,404,368 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.10 11:09:46 | 000,058,368 | ---- | M] () -- C:\Documents and Settings\1\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.06.09 21:17:05 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.09 21:16:15 | 000,000,022 | ---- | M] () -- C:\Documents and Settings\1\Data aplikací\AVSDVDPlayer.m3u
[2010.06.09 21:09:55 | 000,094,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.09 21:08:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.09 21:08:57 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.06.09 21:06:56 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVS DVD Player.lnk
[2010.06.09 21:01:05 | 000,001,039 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.06.09 20:52:56 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Prohlizec fotek.lnk
[2010.06.09 20:51:06 | 000,001,706 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.06.09 20:51:04 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.06.09 20:47:13 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\1\Plocha\CCleaner.lnk
[2010.06.09 20:43:14 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vypalova CD,DVD.lnk
[2010.06.09 20:41:25 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.06.09 20:40:22 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Total Commander.lnk
[2010.06.09 20:35:54 | 000,000,420 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Decka-video.lnk
[2010.06.09 20:32:52 | 000,000,338 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Fotky.lnk
[2010.06.09 20:32:44 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Pohadky.lnk
[2010.06.09 20:32:41 | 000,000,330 | ---- | M] () -- C:\Documents and Settings\1\Plocha\MP3.lnk
[2010.06.09 19:51:37 | 000,000,334 | ---- | M] () -- C:\Documents and Settings\1\Plocha\filmy.lnk
[2010.06.01 18:05:56 | 000,040,565 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Vyplatní lístky.pdf
[2010.05.26 15:17:58 | 000,000,292 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Lady Gaga.htm
[2010.05.24 16:56:26 | 000,000,401 | ---- | M] () -- C:\Documents and Settings\1\Plocha\Ruda+Martina Pártlová.htm
[2010.05.23 16:07:44 | 000,000,292 | ---- | M] () -- C:\Documents and Settings\1\Plocha\CR-SWE.htm
[2010.05.23 10:03:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.22 19:58:38 | 000,037,757 | ---- | M] () -- C:\Documents and Settings\1\Plocha\256504-katy-perry-hot-n-cold.htm
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.10 12:18:22 | 000,006,019 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.06.10 12:00:49 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.10 11:53:35 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.10 11:07:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.06.09 21:11:02 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\1\Data aplikací\AVSDVDPlayer.m3u
[2010.06.09 21:06:56 | 000,000,914 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVS DVD Player.lnk
[2010.06.09 21:06:47 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx
[2010.06.09 21:06:47 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.06.09 20:51:06 | 000,001,706 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.06.09 20:47:13 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\1\Plocha\CCleaner.lnk
[2010.06.09 20:43:14 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vypalova CD,DVD.lnk
[2010.06.09 20:41:25 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2010.06.09 20:40:36 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Prohlizec fotek.lnk
[2010.06.09 20:40:22 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Total Commander.lnk
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010.06.09 20:40:21 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010.06.09 20:35:54 | 000,000,420 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Decka-video.lnk
[2010.06.09 20:32:52 | 000,000,338 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Fotky.lnk
[2010.06.09 20:32:44 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Pohadky.lnk
[2010.06.09 20:32:41 | 000,000,330 | ---- | C] () -- C:\Documents and Settings\1\Plocha\MP3.lnk
[2010.06.09 19:51:37 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\1\Plocha\filmy.lnk
[2010.06.01 18:05:56 | 000,040,565 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Vyplatní lístky.pdf
[2010.05.26 15:17:58 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Lady Gaga.htm
[2010.05.24 16:56:25 | 000,000,401 | ---- | C] () -- C:\Documents and Settings\1\Plocha\Ruda+Martina Pártlová.htm
[2010.05.23 16:07:44 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\1\Plocha\CR-SWE.htm
[2010.05.22 19:58:37 | 000,037,757 | ---- | C] () -- C:\Documents and Settings\1\Plocha\256504-katy-perry-hot-n-cold.htm
[2007.09.26 16:22:54 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007.08.02 21:16:27 | 000,000,165 | ---- | C] () -- C:\WINDOWS\SNOW.INI
[2007.08.02 21:09:40 | 000,000,675 | ---- | C] () -- C:\WINDOWS\HAMMER.INI
[2007.08.02 14:22:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007.07.31 22:15:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007.07.31 22:15:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.07.31 21:52:35 | 000,000,684 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2007.07.30 20:29:47 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2007.07.30 16:11:47 | 000,682,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.08.17 15:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.08.03 22:59:44 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2002.05.16 02:03:19 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2002.05.16 00:12:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2002.05.16 00:04:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2002.05.16 00:04:02 | 000,012,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2002.05.16 00:04:00 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2002.05.16 00:04:00 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2002.05.16 00:03:57 | 000,063,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\mv614x.sys
[2002.05.16 00:03:45 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2002.05.16 00:01:08 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2002.05.15 23:58:08 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2002.05.15 23:58:08 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2002.05.15 23:58:08 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2002.05.15 23:58:08 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2002.05.15 23:58:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2002.05.15 23:58:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2002.05.15 23:58:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2002.05.15 23:58:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2002.05.15 23:58:08 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2002.05.15 23:58:08 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2002.05.15 23:50:21 | 000,001,039 | ---- | C] () -- C:\WINDOWS\WINCMD.INI

========== LOP Check ==========

[2010.06.09 20:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Ashampoo
[2010.05.11 22:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Fighters
[2010.06.09 21:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\ICQ
[2010.03.10 16:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Image Zone Express
[2007.08.19 23:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Printer Info Cache
[2010.06.10 12:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Spyware Terminator
[2010.06.10 11:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\XnView
[2010.06.09 20:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.06.09 20:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.05.11 22:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2010.03.08 23:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.07.30 02:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NFS Underground
[2010.06.10 12:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.05.11 22:36:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{69F69AB0-8485-4B45-A118-148977C1651A}

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.03.08 16:14:26 | 000,039,408 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010.05.13 16:12:40 | 026,192,168 | R--- | M] (Skype Technologies S.A.)
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.06.10 11:53:36 | 003,037,696 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.09.25 05:33:57 | 008,082,944 | ---- | M] () -- C:\FIFA08.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.06 20:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Adobe
[2010.03.05 14:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\AdobeUM
[2010.06.09 20:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Ashampoo
[2008.03.16 21:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\CyberLink
[2010.06.09 21:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\dvdcss
[2010.05.11 22:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Fighters
[2010.03.08 16:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Google
[2008.12.26 21:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Help
[2007.09.26 16:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\HP
[2010.06.09 21:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\ICQ
[2002.05.15 23:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Identities
[2010.03.10 16:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Image Zone Express
[2010.03.22 22:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Macromedia
[2010.03.05 11:24:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\1\Data aplikací\Microsoft
[2010.03.08 23:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Mozilla
[2007.08.19 23:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Printer Info Cache
[2007.12.24 21:52:22 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\1\Data aplikací\SecuROM
[2010.06.10 14:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Skype
[2010.06.10 11:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\skypePM
[2010.06.10 12:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Spyware Terminator
[2010.03.18 20:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\Sun
[2010.06.09 21:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\vlc
[2010.04.29 17:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\WinRAR
[2010.06.10 11:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\1\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2010.03.06 20:49:25 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\1\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2007.08.02 21:21:47 | 000,005,120 | R--- | M] () -- C:\Documents and Settings\1\Data aplikací\Microsoft\Installer\{4FE2FD0C-242A-11D5-8ED5-0050BF5CB907}\IconAD931981.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
[2007.07.30 16:11:47 | 000,682,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2002.05.16 01:31:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2002.05.16 01:31:01 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2002.05.16 01:31:01 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.06.10 11:53:35 | 000,142,592 | ---- | M] () -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

< %systemroot%\system32\*.* /3 >
[2010.06.09 20:51:04 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\system32\ezsidmv.dat
[2010.06.09 21:09:55 | 000,094,272 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >


I won't be at the PC until this evening, so for now thanks a lot for the help.

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: Problem WIN32. Kates AV

#5 Post by Caroprd111 »

Run OTL and paste the following script into the lower window.

Code:

:OTL
O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2002.05.16 00:12:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
Then click Opravit (Fix); the PC will restart. Paste the log here.


Test the following file(s) at http://www.virustotal.com/cs/
C:\WINDOWS\UC.PIF

(Do not browse for the file(s); just paste in the path marked in bold. If you get the message "File has already been tested", have it tested again. Post the result of the analysis here as a link.)


Re: Problem WIN32. Kates AV

#6 Post by scigi »

All processes killed
Error: Unable to interpret <OTL> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.> in the current context!
Error: Unable to interpret <[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context!
Error: Unable to interpret <[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat> in the current context!
Error: Unable to interpret <[2002.05.16 00:12:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: 1
->Temp folder emptied: 25600298 bytes
->Temporary Internet Files folder emptied: 12157429 bytes
->Java cache emptied: 1912167 bytes
->Flash cache emptied: 1959448 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 51119 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 1419752 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4241394 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 9528969 bytes

Total Files Cleaned = 56,00 mb


[EMPTYFLASH]

User: 1
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.6.0 log created on 06102010_220007

Files\Folders moved on Reboot...
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\QBU3ZFM1\afr[2].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\QBU3ZFM1\afr[3].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\QBU3ZFM1\afr[4].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\QBU3ZFM1\honeypot_export[1].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\JZ21RTHE\viewtopic[1].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Re: Problem WIN32. Kates AV

#7 Post by scigi »



Re: Problem WIN32. Kates AV

#8 Post by Caroprd111 »

Please apply the script once more.

scigi
Visitor
Posts: 74
Registered: 01 Aug 2007 13:28

Re: Problem WIN32. Kates AV

#9 Post by scigi »

All processes killed
Error: Unable to interpret <OTL> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.> in the current context!
Error: Unable to interpret <[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context!
Error: Unable to interpret <[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat> in the current context!
Error: Unable to interpret <[2002.05.16 00:12:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: 1
->Temp folder emptied: 710996 bytes
->Temporary Internet Files folder emptied: 2297624 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 826 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 35092 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 428233 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 803 bytes

Total Files Cleaned = 3,00 mb


[EMPTYFLASH]

User: 1
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.6.0 log created on 06112010_084940

Files\Folders moved on Reboot...
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\ZDWTEYJ8\afr[1].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\4PUN8TEB\viewtopic[1].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Problem WIN32. Kates AV

#10 Post by Caroprd111 »

Are you copying all the text from the white box :???: Once again the script was not executed...

scigi
Visitor
Posts: 74
Registered: 01 Aug 2007 13:28

Re: Problem WIN32. Kates AV

#11 Post by scigi »

I am copying everything from the box, as you have written.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Problem WIN32. Kates AV

#12 Post by Caroprd111 »

Try it once more.

scigi
Visitor
Posts: 74
Registered: 01 Aug 2007 13:28

Re: Problem WIN32. Kates AV

#13 Post by scigi »

I'll try it once more then, but I'm leaving for the weekend now, so we would continue on Monday. Thank you very much for the help so far. I'll try it again first thing on Monday and send the log.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Problem WIN32. Kates AV

#14 Post by Caroprd111 »

OK :)

scigi
Visitor
Posts: 74
Registered: 01 Aug 2007 13:28

Re: Problem WIN32. Kates AV

#15 Post by scigi »

Hello, I pasted the script in again, but I think the result is the same. Here is the log, and at the end I'll also copy, for checking, the script that I paste into the OTL program.

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1659004503-1202660629-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\system32\ezsidmv.dat moved successfully.
C:\WINDOWS\system32\drivers\PciBus.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: 1
->Temp folder emptied: 622960 bytes
->Temporary Internet Files folder emptied: 1780845 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 593 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 35092 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 382047 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


[EMPTYFLASH]

User: 1
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.6.0 log created on 06142010_091811

Files\Folders moved on Reboot...
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\KBK3YX2T\afr[1].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\KBK3YX2T\honeypot_export[1].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\AYTW12Z7\afr[1].htm moved successfully.
C:\Documents and Settings\1\Local Settings\Temporary Internet Files\Content.IE5\21MJONUJ\afr[1].htm moved successfully.
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...


:OTL
O3 - HKU\S-1-5-21-1659004503-1202660629-1801674531-1003\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.06.10 11:07:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2002.05.16 00:12:26 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
